How can I secure each ESB service with a unique user name in SOA-P 5?

Solution Unverified - Updated -

Issue

  • I have an ESB service that has an HTTP gateway defined, and that gateway is secured by a username and password:
        <http-provider name="http">
            <http-bus busid="secureFriends">
                <allowed-roles>
                    <role name="friend" />
                </allowed-roles>
                ...
            </http-bus>
            ...
        </http-provider>
  • And I have defined the users in my jbossws-users.properties file.
  • However, I have several publishers installed on JBoss ESB. I want to make sure that only the client I am allowing to send a message to my publisher can do that. But since there is one file for the users/passwords, as long as the client knows one of those working combinations, they can publish to my service.
  • My concern is around the username and password combination. The default is kermit / thefrog. Right now all of our HTTP gateways are secured by that one username. We have six separate .esb files each of which have an HTTP gateway secured by that username. I want to have it so that each service is secured by a unique username. So you can use kermit for ONE of the services, but none of the others. However right now any username in that file seems to work with any service.
  • How can I break it out so that only certain username / password combinations work for each service?

Environment

  • Red Hat JBoss SOA Platform (SOA-P)
    • 5.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In